菜单
Enforces a strict input boundary protocol (detect, classify, filter, verify) to ensure untrusted data never reaches business logic raw.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Version 2.35.0 | PRD to Production | Zero Human Intervention > Research-enhanced: OpenAI SDK, DeepMind, Anthropic, AWS Bedrock, Agent SDK, HN Production (2025)
Security audit, hardening, threat modeling (STRIDE/PASTA), Red/Blue Team, OWASP checks, code review, incident response, and infrastructure security for any project.
A user may ask you to create, edit, or analyze the contents of a .docx file. A .docx file is essentially a ZIP archive containing XML files and other resources that you can read or edit. You have different tools and workflows available for different tasks.
Train or fine-tune TRL language models on Hugging Face Jobs, including SFT, DPO, GRPO, and GGUF export.
Scaffold, build, sign, and package SwiftPM macOS apps without Xcode projects.
A user may ask you to create, edit, or analyze the contents of a .pptx file. A .pptx file is essentially a ZIP archive containing XML files and other resources that you can read or edit. You have different tools and workflows available for different tasks.
| name | infinity |
| description | Enforces a strict input boundary protocol (detect, classify, filter, verify) to ensure untrusted data never reaches business logic raw. |
| risk | safe |
| source | community |
| date_added | 2026-06-23 |
Nothing untrusted ever reaches the core — it is stopped before contact. No external data touches the codebase raw. Every boundary where data enters the system must have a filter.
The #1 source of silent bugs, crashes, and vulnerabilities is external data that arrives in an unexpected shape and gets used directly without checking. This skill enforces a filter layer at every entry point, every time.
.body, .params, .query, .env, fs.read, or a third-party SDK responseBefore writing or modifying any code that involves external data, the AI must identify and list every entry point in scope:
The AI must not write any data-handling logic until every entry point in scope is listed.
For every entry point identified, the AI classifies it into one of three trust levels:
| Level | Definition | Examples |
|---|---|---|
TRUSTED | Internal constants, hardcoded values, your own compile-time config | Enum values, hardcoded defaults, internal constants |
SEMI-TRUSTED | Your own internal services, internal APIs, controlled infrastructure | Internal microservice responses, your own database reads |
UNTRUSTED | Anything from users, the internet, third parties, or the filesystem | User input, external API responses, uploaded files, env vars, CLI args |
Rule:
TRUSTEDinputs may be used directly.SEMI-TRUSTEDandUNTRUSTEDinputs must pass through a filter layer before any use.
The AI outputs this classification before writing any handling code:
INFINITY — BOUNDARY MAP
─────────────────────────────────────────
Entry Point | Trust Level | Filter Required
─────────────────────────────────────────
req.body.email | UNTRUSTED | ✓ format + sanitize
process.env.API_KEY | UNTRUSTED | ✓ presence + non-empty
internalService.getData()| SEMI-TRUSTED | ✓ schema validate
PAGINATION_LIMIT = 20 | TRUSTED | ✗ none needed
─────────────────────────────────────────
Every UNTRUSTED and SEMI-TRUSTED input must pass through validation before it reaches any business logic, storage, or rendering. The AI must apply the right filter type for the right context:
Type Checking
Schema Validation
Sanitization
Presence & Format Checks
Rejection Rule
// WRONG — using raw input directly
const user = await db.find(req.params.id);
// RIGHT — validate before use
const id = req.params.id;
if (!id || typeof id !== 'string' || !isValidUUID(id)) {
return res.status(400).json({ error: 'Invalid ID format' });
}
const user = await db.find(id);
Before the AI declares any data-handling code complete, it traces each entry point and confirms:
INFINITY — VERIFICATION
─────────────────────────────────────────
Entry Point | Filter Exists | Filter Type
─────────────────────────────────────────
req.body.email | ✓ YES | format + sanitize
process.env.API_KEY | ✓ YES | presence check
internalService.getData()| ✓ YES | schema validation
─────────────────────────────────────────
Unfiltered inputs reaching logic: NONE ✓
─────────────────────────────────────────
If any UNTRUSTED or SEMI-TRUSTED input reaches logic, storage, or rendering without a filter — the AI flags it. It does not silently pass.
| Phase | Action | Writes Code? |
|---|---|---|
| 1 — Detect | List all entry points in scope | ❌ No |
| 2 — Classify | Assign trust level to each input | ❌ No |
| 3 — Filter | Write filter layer for all UNTRUSTED + SEMI-TRUSTED | ✅ Yes |
| 4 — Verify | Trace each input, confirm filter exists | ❌ No |